VMware Cloud Community
skayser
Enthusiast
Enthusiast

Custom certificate plus certificate chain?

Greetings,

we successfully replaced the ESX host certificate/key with ones created by an internal CA. There is just one problem: in addition to the host certificate itself, we also need to present a part of the certificate chain to connecting clients. Now, even if we include these certificates in the rui.crt file, ESX always only delivers the host certificate itself. This can be seen when connecting with a browser or with openssl s_client. That is

openssl s_client -connect esxhost:443 -showcerts -quiet

always only displays the host certificate itself and says depth=0. Does anyone know how to configure ESX so that it also presents the certificate chain? Is this possible at all? Regular apache/tomcat installations at our site can do this just fine.

Sebastian

Reply
0 Kudos
0 Replies